Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/35bb0da5-0a2d-4b80-aafe-af7e74cf5869.roa
File: 35bb0da5-0a2d-4b80-aafe-af7e74cf5869.roa (raw, json)
Hash identifier: Q1Mk4AdHqhIFOTLeIHquaszo5QtBJrbL8TXw7mmeONM=
Subject key identifier: DE:B2:3E:18:F0:29:F7:BF:EE:23:EF:C8:7C:3F:60:A4:A1:55:BD:7B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7C9A266BB56B8FEC66A190458A315A488FC227F2
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/35bb0da5-0a2d-4b80-aafe-af7e74cf5869.roa
Signing time: Tue 05 Aug 2025 20:10:18 +0000
ROA not before: Tue 05 Aug 2025 20:10:18 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d019::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7c:9a:26:6b:b5:6b:8f:ec:66:a1:90:45:8a:31:5a:48:8f:c2:27:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Aug 5 20:10:18 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=8373e261341f7efbf105e99eb5d45409c8103d06711464afaadf97c8e24d40fe, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:19:be:bb:7f:f8:ff:9e:7e:5e:af:96:77:d6:
69:b6:a5:7b:6e:8a:d2:58:a8:a1:36:c4:1e:fe:ed:
ac:66:27:c7:0c:ec:4f:fd:3c:7e:75:77:32:3f:02:
66:f6:d5:ea:26:dd:4a:83:f7:6a:a1:89:e1:1a:15:
97:76:bc:de:27:db:bf:8c:6b:8f:fe:a9:2a:46:98:
08:5c:96:22:c4:0d:22:d3:f0:3a:60:e1:82:45:6b:
de:fc:13:b1:cf:72:49:0f:3a:31:93:c0:33:e1:87:
57:f2:80:02:e3:b7:f1:d0:35:05:d4:c0:74:79:f9:
68:54:56:96:27:02:12:80:0c:ad:03:6d:ae:4e:d0:
ef:13:9b:1d:c8:da:8c:72:7b:90:8e:c9:31:49:87:
c7:1f:21:e4:58:64:c6:40:ed:f6:b9:78:57:6a:36:
48:42:b6:32:9b:16:fe:ec:70:40:e2:b4:ca:21:bd:
ae:0e:c0:fc:45:1e:e6:98:86:2f:dd:0d:60:1b:ff:
3f:b5:2c:4d:3c:98:66:37:cd:af:f9:4e:19:fc:37:
0b:f1:93:20:59:1b:65:e6:56:bd:0f:66:f3:51:b7:
61:b7:9a:71:d6:6e:5f:1e:55:8d:44:6f:2f:c1:d0:
4a:ed:a3:07:27:64:ae:21:38:87:c0:a5:c6:96:d0:
4e:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:B2:3E:18:F0:29:F7:BF:EE:23:EF:C8:7C:3F:60:A4:A1:55:BD:7B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/35bb0da5-0a2d-4b80-aafe-af7e74cf5869.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d019::/38
Signature Algorithm: sha256WithRSAEncryption
80:55:cb:a0:ac:f6:fa:32:2c:15:2d:35:4d:77:a5:11:b1:47:
a9:06:3a:cd:49:3d:6a:51:af:79:3d:38:0b:33:54:05:60:9b:
84:4d:51:9b:ce:14:87:f4:f0:23:f5:c7:bd:3e:1b:c8:c0:4e:
33:98:0c:0c:ab:c3:25:8c:82:c4:9c:fe:2b:e4:e6:19:ca:53:
a3:ce:98:a5:c7:62:3d:37:cd:81:b0:17:be:36:1a:21:7e:13:
7b:43:da:ad:8e:4b:37:24:be:a0:58:60:13:a1:01:e5:ad:da:
01:a7:d4:68:a1:5a:56:f3:9a:39:e6:38:8b:15:36:31:8b:2e:
b3:3d:ac:fd:a1:29:35:75:ad:0d:ea:86:83:7e:a2:77:e7:01:
fd:bc:29:1d:ec:6b:2a:7c:7a:f5:b5:f0:a8:8e:b2:23:00:64:
fb:27:d2:1f:b8:bb:03:d7:e1:64:1a:fe:22:aa:44:6f:18:4b:
5f:d7:05:97:3a:f2:bd:23:e8:59:55:5b:e3:31:79:96:fb:46:
d4:c6:03:c0:75:85:bf:f2:63:d7:d5:e2:93:66:a2:77:65:9c:
e7:86:7a:26:42:b9:84:29:95:cb:d2:c7:16:c8:32:60:60:e3:
a5:aa:b1:fb:d1:e9:2b:c3:a9:95:f3:69:da:d5:8b:f6:f1:54:
ad:64:82:f3
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUfJoma7Vrj+xmoZBFijFaSI/CJ/IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA4MDUyMDEwMThaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDgzNzNlMjYxMzQxZjdlZmJmMTA1ZTk5ZWI1ZDQ1NDA5YzgxMDNkMDY3MTE0
NjRhZmFhZGY5N2M4ZTI0ZDQwZmUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOsZvrt/+P+efl6vlnfWabale26K0liooTbEHv7trGYnxwzsT/08fnV3Mj8C
ZvbV6ibdSoP3aqGJ4RoVl3a83ifbv4xrj/6pKkaYCFyWIsQNItPwOmDhgkVr3vwT
sc9ySQ86MZPAM+GHV/KAAuO38dA1BdTAdHn5aFRWlicCEoAMrQNtrk7Q7xObHcja
jHJ7kI7JMUmHxx8h5FhkxkDt9rl4V2o2SEK2MpsW/uxwQOK0yiG9rg7A/EUe5piG
L90NYBv/P7UsTTyYZjfNr/lOGfw3C/GTIFkbZeZWvQ9m81G3YbeacdZuXx5VjURv
L8HQSu2jBydkriE4h8ClxpbQTnkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTesj4Y
8Cn3v+4j78h8P2CkoVW9ezAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MzViYjBkYTUtMGEyZC00YjgwLWFhZmUtYWY3ZTc0Y2Y1ODY5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioF0BkA
MA0GCSqGSIb3DQEBCwUAA4IBAQCAVcugrPb6MiwVLTVNd6URsUepBjrNST1qUa95
PTgLM1QFYJuETVGbzhSH9PAj9ce9PhvIwE4zmAwMq8MljILEnP4r5OYZylOjzpil
x2I9N82BsBe+NhohfhN7Q9qtjks3JL6gWGAToQHlrdoBp9RooVpW85o55jiLFTYx
iy6zPaz9oSk1da0N6oaDfqJ35wH9vCkd7GsqfHr1tfCojrIjAGT7J9IfuLsD1+Fk
Gv4iqkRvGEtf1wWXOvK9I+hZVVvjMXmW+0bUxgPAdYW/8mPX1eKTZqJ3ZZznhnom
QrmEKZXL0scWyDJgYOOlqrH70ekrw6mV82na1Yv28VStZILz
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:47:20 2025 by rpki-client